From: "XML DSig" <xmldsig@hotmail.com>
To: w3c-ietf-xmldsig@w3.org
Date: Thu, 08 Mar 2001 15:36:29 +0530
Message-ID: <F246FkuutSgcOrBLSAQ00002bac@hotmail.com>
>Hi:
>
>The XML-Signature requirements document in
>section 3.2 Format mentions
>
>XML Signature must provide a mechanism that facilitates the
>production of composite documents - by addition or deletion
>-- while preserving the signature characteristics of the cnsitituent
>parts.
>
>I will appreciate inputs in terms of a business / real-life situation
>to understand this point better.
>
>I am newbie in XMLDSig.
Most protocols of any complexity include instances of composite
messages including multiple signatures that cover various parts of the
message, parts of previous messages, and parts of the protocol
context. On receipt by a protocol participant of such a message, it
is commmon to tear it apart, verify some signatures on some data
items, update the protocol context, and compose a new message to
another party including some received signatures, some newly
calculated signatures, and an assortment of data items.
XMLDSIG supports this requirement primarily via the References and
Manifest lists and Transforms.
For an example of a complex protocol, see the SET protocol
<http://www.setco.org>. For more of my personal philosophic
meanderings on this topic, see
<ftp://ftp.ietf.org/internet-drafts/draft-eastlake-proto-doc-pov-02.txt>.
>Thank you.
>XMLDSig.
Donald
===================================================================
Donald E. Eastlake 3rd dee3@torque.pothole.com
155 Beaver Streeet lde008@dma.isg.mot.com
Milford, MA 01757 USA +1 508-634-2066(h) +1 508-261-5434(w)